B2B Infrastructure & Community Privacy Agreement

US Privacy Policy & Legal Terms

Last Updated: May 09, 2026

Community Partnership & Data Responsibility

This document honors and governs all users residing in the United States (US). Throughout this agreement, the community leader integrating the bot is warmly referred to as the "Guild Owner".

Aegitox is proud to operate as your B2B Infrastructure Provider (Service Provider / Data Processor). By uniting our bot with your server via Discord OAuth2, you step into the vital role of the Primary Data Controller. Together, we ensure your server operates in perfect harmony with state and federal laws. You take the lead in ensuring your server's use of our AI moderation complies with the CCPA/CPRA, the TAKE IT DOWN Act, and your local digital privacy frameworks.

Jurisdiction Notice:
If you are a resident outside the US and EU, please proceed to our Global Privacy Policy.

If you are a resident of the European Union, EEA, or UK, please proceed to our fully compliant EU Privacy Policy.

1. Data Minimization & Our Anti-Data Broker Promise

In beautiful alignment with the CCPA/CPRA, we collect specific Identifiers strictly to make the magic happen. This includes cryptographic identifiers (Discord User IDs, Guild IDs) and dynamically cached display data (Discord Usernames, Server Names) required solely to render fun, contextual analytics and Karma Reports for you, the Guild Owner. We also cache Inferences (like Karma scores and violation metrics) to help you shape your community's vibe.

Protecting Your Server's Sanctuary: We want to be crystal clear: Aegitox is NOT a Data Broker. While we display real usernames on your private server-specific leaderboards, our architecture enforces strict Row-Level Security (RLS) in our PostgreSQL database. Your members' behavioral profiles and cached display names are mathematically sealed within your Discord Server. We absolutely do not track, cross-pollinate, or sell global user profiles across different communities. What happens in your server, stays in your server.

2. Understanding AI Nuance & Generative Content

  • Our Role as an AI Deployer (CA AB 2013 & Utah AI Act): Aegitox acts exclusively as a Deployer of pre-trained, robust AI models. This includes localized edge-filters and the Groq Enterprise Inference Cluster. We don't train foundational models on your data. Because generative AI is probabilistic, you kindly agree to hold us harmless from any AI "hallucinations," factual inaccuracies, or quirky outputs generated during these split-second inferences.
  • Privacy by Design (Volatile Processing): To champion user privacy under state frameworks, Aegitox processes the vast majority of traffic natively on the edge. For PRO-tier deep semantic analysis, we enforce Global Zero Data Retention (ZDR). Text payloads exist only in Volatile RAM just long enough for the AI to read them, and are then permanently purged into the void.
  • Swift Action & TAKE IT DOWN Act (2025) Compliance: We have zero tolerance for illegal content. Any non-consensual or illegal AI-generated content that is the subject of a valid, verified request will be definitively expunged from our systems within 48 hours. Let's keep the internet safe.
  • Building Trust Through Transparency (FTC, CA SB 1001): We believe users should always know who they are talking to. By default, all text lovingly paraphrased by our AI engine is clearly labeled (e.g., "✨ Upgraded by Aegitox AI") to prevent confusion and maintain algorithmic honesty.

3. Fun Metrics, Not Real-World Scoring (ADMT Exemption)

The FCRA Exemption: Our "Karma" metric is a fun, internal gamification tool designed to reward positive vibes. It absolutely does NOT constitute a Consumer Report, credit score, or psychological profile under the Fair Credit Reporting Act (FCRA). We ask that you never use it for real-world decision-making.

Colorado AI Act Exemption & The Human Element: Aegitox algorithms are NOT classified as "High-Risk AI Systems," and our helpful automated timeouts are NOT "Consequential Decisions" affecting housing or employment. Furthermore, any automated timeout includes a simple dispute mechanism. Final disciplinary authority always remains with you, the human Server Administrator.

Giving Users Choice: Your community members can always opt-out of Karma tracking. If they do, our AI Vibe Filter will still protect your server in real-time (purely in-memory), but we will instantly stop maintaining their persistent Karma profile.

4. Cryptographic Security & Supporting Youth Safety

  • Fortified Infrastructure & Secure Data Requests: We proudly defend against bad actors using a highly resilient BoundedChannels architecture in .NET 10. To prevent social engineering, Data Subject Access Requests (DSARs) are executed safely via cryptographically signed JWTs, generated exclusively by our systems after a secure Discord OAuth2 authentication.
  • Supporting Discord's Youth Safety (MODPA/COPPA): We trust and rely on Discord's excellent native age-gating mechanisms. For users aged 13-17, chat data is processed purely under the "Strict Necessity" standard—evaluated in volatile memory to protect the server and instantly destroyed. We never use, and strictly prohibit the use of, minor data for targeted advertising.

5. Our Trusted Technology Partners

To keep Aegitox incredibly fast and secure, we partner with industry leaders. In compliance with state laws like the Oregon OCPA, here is our transparent, US-based supply chain (unless otherwise noted):

  • Hetzner Cloud: High-performance Bare-metal infrastructure.
  • Cloudflare: Our robust Edge CDN and Web Application Firewall. Transitory IP processing helps us squash bugs and block DDoS attacks.
  • Supabase: Highly secure PostgreSQL database management.
  • Groq, Inc.: Our Enterprise Inference Cluster, backing our promise of Global Zero Data Retention.
  • Discord: Our incredible host platform.
  • Firebase Hosting: Global Edge CDN delivering our beautiful Angular frontend safely to your browser.
  • PayPro Global: Our dedicated Merchant of Record. We entrust all transactions to them to guarantee elite, PCI-compliant payment security.

6. Community Leadership & Mutual Support

As the individual installing Aegitox, you are the Authorized Representative of your community. You take the wonderful responsibility of establishing your server's rules and letting your members know how our AI helps keep the peace.

Protecting Each Other (Indemnification): Because we simply provide the tools you use to build your community, you graciously agree to defend and hold Aegitox harmless from any external claims, legal fees, or disputes that arise from how the bot is configured or utilized within your specific server.

Clear Communication: If an unforeseen security event ever occurs, we are obligated to securely notify you, the Guild Owner. You then take the baton to transparently inform your amazing community members.

7. Resolving Disagreements Amicably (Arbitration & Limits)

While we hope to never need this, we must outline how we handle formal disputes to protect both your community and our team. Please review these boundaries carefully.

  • Fair & Efficient Arbitration: Any disagreements will be resolved fairly through binding, confidential arbitration administered by JAMS (via remote teleconference), allowing us to avoid lengthy court battles.
  • Individual Focus (Class-Action Waiver): To keep proceedings focused and equitable, we both agree to bring claims strictly in our individual capacities, entirely waiving the right to participate in class-action lawsuits.
  • Predictable Boundaries (Financial Cap): To provide B2B software at scale, our total cumulative financial liability to you is safely capped at the amount you paid for Aegitox in the twelve (12) months preceding the claim, or $100.00 USD, whichever is greater.
  • Timely Resolution: Any claims must be brought forward within one (1) year of the incident, ensuring we address concerns while they are fresh.

8. Honoring Global Trade Regulations

To maintain our pristine standing with cloud providers and financial partners, Aegitox strictly abides by U.S. Export Administration Regulations (EAR) and OFAC sanctions.

Respecting Boundaries: By joining us, you confirm you are not located in, or operating on behalf of, a comprehensively embargoed region (including Cuba, Iran, North Korea, Syria, Russia, and the sanctioned regions of Ukraine). You also confirm you are not on any U.S. restricted parties list (like the SDN List).

We value transparency. Using VPNs to mask your location specifically to bypass federal sanctions puts our entire platform at risk and forces us to immediately terminate the account without refund. Let's keep things honest.

9. Empowering Your Privacy & Secure Requests

You possess powerful rights concerning your data, including the right to Access, Delete, and Opt-Out of Profiling. We've built the tools to help you exercise them smoothly.

Secure Verification Requirement: To shield your community from malicious data deletion, we require strict cryptographic proof for these requests. Please execute privacy requests directly through our securely authenticated dashboard. We safely ignore unverified, plain-text emails to ensure nobody impersonates you.

Strength in Structure (Severability): If any provision of this Global MSA is found unenforceable by a court of competent jurisdiction, that specific provision shall be limited to the minimum extent necessary, ensuring the absolute liability shield and remainder of the agreement remains in full force and effect.

For verified administrative inquiries, say hello: privacy@aegitox.com

10. Security, Authentication & Local Storage

To deliver a seamless, high-performance, and secure experience, the Aegitox platform utilizes the browser's Web Storage API (LocalStorage) rather than legacy HTTP cookies. In strict alignment with the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), we are committed to absolute transparency regarding the operational data residing on your device.

Strictly Necessary Business Purposes

We absolutely do not "sell" or "share" your LocalStorage data for cross-site tracking, third-party marketing, or behavioral profiling. The localized data is legally classified as a "Strictly Necessary Business Purpose" to provide the explicitly requested administrative dashboard. We strictly limit client-side storage to the following functional artifacts:

  • discord_token: A cryptographically secure JSON Web Token (JWT) generated directly by our server immediately after successful Discord OAuth2 authorization. This token is used to maintain your stateless, authenticated session with our backend microservices.
  • discord_user: A localized cache of your Discord profile metadata (such as your username and avatar) alongside an embedded adminGuilds array detailing your specific server permissions. To ensure the most efficient integration possible, we utilize client-side caching to reduce network request volume. This approach supports the overall health and stability of the Discord ecosystem by preventing API congestion, allowing us to deliver immediate interface hydration without taxing shared platform resources.

Zero-Trust Security Architecture

While user profile data and server lists are cached locally in your browser for UI performance, the Aegitox platform operates on a strict Zero-Trust security model. Our servers never trust the localized user interface payload for access control. Every administrative action and data request is independently and cryptographically re-validated server-side utilizing your secure JWT. This guarantees that even if local browser payloads are manually altered, unauthorized access or privilege escalation remains cryptographically impossible.

Data Retention and User Control

Because this localized storage is strictly necessary for core application functionality, session security, and rate-limit prevention, it operates under the functional exemptions of state privacy laws and does not require an active opt-out banner. This functional data remains on your device only for the duration of your active session. You maintain absolute, overriding control and can instantly purge all stored information by clicking "Logout" within the dashboard. Furthermore, as a proactive architectural security measure, our platform requires all users to automatically re-login every 12 hours. This guarantees that stale sessions are forcefully terminated and local storage artifacts are routinely wiped.

11. Data Deletion Exemptions & Security Architecture

We respect your right to request the deletion of your personal information and adhere to strict data minimization principles. However, to fulfill our existential security commitments to the community and remain in strict compliance with official Discord Developer Standards, specific retention exemptions apply to accounts that demonstrably violate platform integrity.[1, 2]

High-Risk Security Bans (IsBannedForSecurity)

Accounts involved in verified cyberattacks, malicious exploits, or severe platform abuse are flagged as critical security threats. Under California Civil Code § 1798.105(d)(2), we maintain the statutorily protected right to deny complete erasure requests for these entities.[6] Retaining this limited cryptographic telemetry is reasonably necessary and proportionate to help ensure security and integrity, and to protect against malicious, deceptive, fraudulent, or illegal activity.[7, 6]

Financial Disputes & Chargebacks (IsBannedForFinance)

Accounts that initiate hostile chargebacks or violate our financial terms are subject to permanent suspension. To balance your privacy rights with our operational integrity, we utilize a cryptographic pseudonymization strategy when handling deletion requests for these accounts.

Erasure Policy for Financial Suspensions: Your user profile and identifiable data have been successfully deleted. A cryptographic hash of your account identifier is securely stored on a suppression list solely to ensure compliance with our Terms of Service regarding previous financial disputes and chargebacks. Please note that separated financial transaction logs are preserved independently as mandated by state and federal tax, accounting, and anti-money laundering laws.
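The suppression-list approach described in this section, as an added example that is not Aegitox's own code: the profile is deleted, and only a digest of the account identifier survives for finance-suspended accounts, so re-registration can be refused without retaining the raw ID. This example uses a keyed hash (HMAC-SHA256 with a server-held pepper) rather than a bare hash, because Discord IDs are low-entropy snowflakes that an unkeyed SHA-256 would let anyone holding the list reverse by enumeration; the pepper value, the AccountStore class and the IDs are constructed for the example.

```python
import hashlib
import hmac
from typing import Dict, Set

# Constructed server-held pepper (assumption: stored in a secret store, never beside the list).
SUPPRESSION_PEPPER = b"example-pepper-not-for-production"


def pseudonymize(user_id: str) -> str:
    """Keyed hash of an account identifier.

    A plain hash of a Discord snowflake can be reversed by enumerating plausible IDs;
    keying it with a secret pepper means the suppression list alone reveals nothing.
    """
    return hmac.new(SUPPRESSION_PEPPER, user_id.encode(), hashlib.sha256).hexdigest()


class AccountStore:
    """Toy in-memory store standing in for the real database (constructed for the example)."""

    def __init__(self) -> None:
        self.profiles: Dict[str, dict] = {}         # identifiable profile data
        self.is_banned_for_finance: Set[str] = set()  # IsBannedForFinance flag
        self.suppression_list: Set[str] = set()     # digests only, no raw identifiers

    def register(self, user_id: str, profile: dict) -> bool:
        """Refuse accounts whose digest is on the suppression list; otherwise store the profile."""
        if pseudonymize(user_id) in self.suppression_list:
            return False
        self.profiles[user_id] = profile
        return True

    def flag_finance(self, user_id: str) -> None:
        self.is_banned_for_finance.add(user_id)

    def handle_deletion_request(self, user_id: str) -> str:
        """Fulfil an erasure request.

        The profile is always removed. For finance-suspended accounts the raw ID is
        dropped too and only its keyed digest is kept on the suppression list.
        """
        self.profiles.pop(user_id, None)
        if user_id in self.is_banned_for_finance:
            self.is_banned_for_finance.discard(user_id)
            self.suppression_list.add(pseudonymize(user_id))
            return "deleted_with_suppression"
        return "deleted"


if __name__ == "__main__":
    store = AccountStore()
    store.register("111111111111111111", {"username": "example_user"})
    store.flag_finance("111111111111111111")
    print(store.handle_deletion_request("111111111111111111"))
    print(store.register("111111111111111111", {"username": "example_user_again"}))
```

After erasure the store holds no profile and no raw identifier for the suspended account, only a 64-hex-character digest, yet a later attempt to rejoin with the same Discord ID is still refused. The financial transaction logs the section mentions would live in a separate ledger and are out of scope for this example.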